Providence reaches data breach settlement
HIPAA Weekly Advisor, October 9, 2006
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Providence Health System must continue to provide 12 months of free credit monitoring to patients affected by the data breach that occurred in late 2005, according to a settlement with Oregon Attorney General Hardy Meyers. The agreement also requires the Oregon-based provider to pay patient claims for any financial losses directly resulting from the data theft.
"Providence waited over three weeks before informing the Oregon Department of Justice and 365,000 home-services patients of a data breach concerning personal medical and financial information," an unacceptable oversight, Myers said in a release. The data breach and ensuing investigation took off after a thief stole backup tapes from an employee's van.
Under the settlement, Providence will upgrade its information security program and regularly test its effectiveness. Providence has already hired a private security company to transport its backup data to a secured site and Providence employees no longer take patient data home, according to the release.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Topic: CMS, OESS post new security compliance review information, checklist
- Capturing all necessary codes for IUD insertion and removal can be challenging
- What does case-mix index mean to you?
- QA:Coding multiple initial infusions
- News and briefs: Oklahoma Osteopathic Association against residency bill change
- HIPAA Q&A: Level of encryption needed for email
- OB services: Coding inside and outside of the package
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Catch up on what's new with injections and infusions
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- Joint Commission Center announces handoff communication solutions
- Inside best practice: Reduce patient falls with a stoplight
- Identify modifiable risk factors to prevent patient falls
- Searched